Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

VulnCheck KEV
VulnCheck KEVadded 2023/08/28 12:0 a.m.1 views

VulnCheck KEV: CVE-2023-33246

Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running...

9.8CVSS7.5AI score0.94388EPSS
Exploits11References1
Positive Technologies
Positive Technologiesadded 2023/07/12 12:0 a.m.5 views

PT-2023-4093 · Apache · Rocketmq

Name of the Vulnerable Software and Affected Versions: RocketMQ versions prior to 4.9.7 RocketMQ versions prior to 5.1.2 Description: The vulnerability in the RocketMQ NameServer component allows for remote command execution. This issue arises when NameServer addresses are exposed on the extranet...

10CVSS7.9AI score0.94002EPSS
Exploits1References18
OSV
OSVadded 2023/07/06 9:15 p.m.2 views

GHSA-X3CQ-8F32-5F63 Apache RocketMQ may have remote code execution vulnerability when using update configuration function

For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by...

9.8CVSS7.5AI score0.94388EPSS
Exploits11References11
Rows per page
Query Builder